Hi there ... I saw you use O(n) algorithms to search for known anti-VM patterns (and generally speaking for known patterns from userdb) ... no need to say, if you plan to make your db bigger (and more updated) this is gonna be SLOW, especially with big PE files (i.e. little executable code with a big .rsrc section).
It would be a better approach to use the Aho-Corasick algorithm, which is perfect in such circumstances ... you can find a Python implementation here, unless you are familiar with finite state automata, trie data structures, etc. and you want to implement your own (which I guarantee is quite funny to do :) ).